<?php
class Subject extends Model{
	public $id;
	public $name;
	public $content;

	public function __construct($params = null){
		parent::__construct();
		$this->_initialize($params);
	}

	public function add($idUser){
		$supthis =& getInstance();
		$supthis->library('validation');

		//Check validation...
		if (!(bool)validation::minLength($this->name, 4)) {
			return 'Name of subject must be greater than four character';
		}

		if (!(bool)validation::minLength($this->content, 10)) {
			return 'Content of subject must be greater than ten character';
		}

		///Filter xss and crsf, sql injection.
		$this->name = stripslashes(mysql_real_escape_string($this->name));
		//$this->name = htmlspecialchars(mysql_real_escape_string($this->name));
		$this->content = stripslashes((mysql_real_escape_string($this->content)));
		//$this->content = htmlspecialchars((mysql_real_escape_string($this->content)));

		$sql = sprintf("INSERT INTO `l5_subject`(`name`, `subject`,`content`)
				VALUES('%s', NULL, '%s')",
				$this->name, $this->content);

		$this->db->startTrans();
		$this->db->queryshort($sql, DB_NAME);
		//$row_affected = $this->db->affectedRow();
		$idLast = $this->db->getLastId();

		$sql = "INSERT INTO `l5_user_subject`(`user_id`, `subject_id`, `time`)
					VALUES(" . $idUser . "," .$idLast . ", NOW())";
		$this->db->queryshort($sql, DB_NAME);

		$row_affected = $this->db->affectedRow();

		if ($row_affected > 0) {
			$this->db->commit();
			return 'Add subject successfully';
		} else {
			$this->db->rollback();
			return 'Add subject unsuccessfully';
		}
	}

	public function delete($id){
		if(empty($id)){
			return false;
		}

		$sql = "DELETE FROM `l5_subject` WHERE `id`=" . $id;
		$this->db->queryshort($sql, DB_NAME);
		$affectedRow = $this->db->affectedRow();

		if ($affectedRow > 0) {
			return true;
		} else {
			return false;
		}

		return false;
	}

	public function update(){
		$supthis =& getInstance();
		$supthis->library('validation');

		//Check validation...
		if (!(bool)validation::minLength($this->name, 4)) {
			return 'Name of subject must be greater than four character';
		}

		if (!(bool)validation::minLength($this->content, 10)) {
			return 'Content of subject must be greater than ten character';
		}

		///Filter xss and crsf, sql injection.
		$this->name = htmlspecialchars(mysql_real_escape_string($this->name));
		$this->content = htmlspecialchars((mysql_real_escape_string($this->content)));

		$sql = "UPDATE `l5_subject` SET name='%s', `content`='%s' WHERE `id`=" . $this->id;
		$sql = sprintf($sql, $this->name, $this->content);

		$this->db->queryshort($sql, DB_NAME);
		$affectedRow = $this->db->affectedRow();

		if ($affectedRow > 0) {
			return 'Updated subject successfully.';
		} else {
			return 'Updated subject successfully.';
		}

		return false;
	}

	public function getById($id){
		$sql = sprintf("SELECT *
				FROM `l5_subject`
				WHERE `id`=%s", $id);
		$this->db->queryshort($sql, DB_NAME);
		$numRow = $this->db->numRow();
		if ($numRow > 0) {
			while ($row = mysql_fetch_object($this->db->result)) {
				return $row;
			}
		}

		return NULL;
	}

	public function gets(){
		$sql = "SELECT a.*, b.user_id, b.time, c.name as `name_user`
					FROM `l5_subject` a INNER JOIN `l5_user_subject` b
						ON a.id=b.subject_id INNER JOIN `l5_user` c
						ON b.user_id=c.id";
		$this->db->queryshort($sql, DB_NAME);
		$numRow = $this->db->numRow();
		if ($numRow > 0) {
			return $this->db->getArrayObject();
		}

		return NULL;
	}
}